In the world of information technology (IT), the one thing that is constant is change. This is particularly true in the realm of security, from ever-evolving threats to the technology developed in order to respond to them, new developments are occurring all the time.
As hackers become more sophisticated, and attacks more frequent, it’s no longer a matter of if your organization becomes a target, but when. One of the latest victims is FedEx, whose TNT Express was hit with a ransomware attack in June that cost the company $300 million. As we’ve pointed out, small businesses are just as vulnerable to these threats as multi-national ones. This reality is forcing many organizations to reassess how they address security efforts.
We’ve had many clients ask us how to best to allocate scarce resources toward cyber security efforts. With this in mind, we had our experts weigh in on the most important security skills for every IT team – whether an internal department or external MSP:
Security Tool Expertise
Sound security begins with knowing all of the tools at your disposal and keeping up with the latest and greatest. We meet many small business owners who use a set-it-and-forget-it default setting because they don’t have the time or knowledge to take advantage of product capabilities. This approach leaves tools operating at a fraction of their potential and opens up organizations to threats.
Product knowledge is important, but it is also critical to understand how each tool can fit into an overarching security strategy. The ability to conduct a security analysis will allow an IT team to identify the presence of conditions that make attacks more likely. Along these lines, data science skills amongst IT team members will allow for better data crunching and, as a result, the ability to block out noise in order to better identify and respond to incidents. The value of these skills is evident in CompTIA findings that demand for security analysts will grow to 18 percent by 2020.
Even in IT, project management skills like communication, collaboration, and teamwork are critical. If IT cannot communicate with the rest of the organization and its leadership, it is powerless to affect change. Additionally, the best IT professionals are able to put themselves in other people’s shoes – thinking like “the bad guys” enables an IT team to identify potential attacks before they happen and respond appropriately if they do occur.
Last but not least, the best security professionals have a passion for their work and a desire to share that knowledge. While everything above can be learned, curiosity and love for technology and other similar intangibles cannot.
Focus your efforts on hiring talent with these skills, and you will ensure that your team can mitigate and–even better–prevent the damage of cybersecurity threats.